
Redirect to xvid site - updatesearch.org



#1 antaran

Posted 03 March 2012 - 12:25 AM

I occasionally get redirects to some site advertising something about xvid when using Chrome. It doesn't happen on Firefox (which I have NoScript enabled on, if that makes a difference).

I read that others have posted similar problems and I was wondering if I could get some help here.


#2 narenxp

Posted 03 March 2012 - 03:41 AM

Download

TDSSkiller

Launch it. Click on "Change parameters" - select "TDLFS file system".

Click on "Scan". Please post the LOG report (log file should be in your C drive).


Please download GMER from here (does not work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#3 antaran

Posted 03 March 2012 - 05:41 PM

TDSSKiller log:

16:38:43.0232 12896 TDSS rootkit removing tool 2.7.18.0 Mar 2 2012 09:40:07
16:38:43.0625 12896 ============================================================
16:38:43.0626 12896 Current date / time: 2012/03/03 16:38:43.0625
16:38:43.0626 12896 SystemInfo:
16:38:43.0626 12896
16:38:43.0626 12896 OS Version: 6.1.7601 ServicePack: 1.0
16:38:43.0626 12896 Product type: Workstation
16:38:43.0626 12896 ComputerName: JOHNY-LAPTOP
16:38:43.0626 12896 UserName: Johny
16:38:43.0626 12896 Windows directory: C:\Windows
16:38:43.0626 12896 System windows directory: C:\Windows
16:38:43.0626 12896 Running under WOW64
16:38:43.0626 12896 Processor architecture: Intel x64
16:38:43.0626 12896 Number of processors: 8
16:38:43.0626 12896 Page size: 0x1000
16:38:43.0626 12896 Boot type: Normal boot
16:38:43.0626 12896 ============================================================
16:38:44.0059 12896 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:38:44.0064 12896 \Device\Harddisk0\DR0:
16:38:44.0089 12896 MBR used
16:38:44.0089 12896 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
16:38:44.0089 12896 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48AD4800
16:38:44.0089 12896 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48B38800, BlocksNum 0x1CEB800
16:38:44.0089 12896 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
16:38:44.0174 12896 Initialize success
16:38:44.0174 12896 ============================================================
16:38:56.0502 14132 ============================================================
16:38:56.0502 14132 Scan started
16:38:56.0502 14132 Mode: Manual; TDLFS;
16:38:56.0502 14132 ============================================================
16:39:11.0151 14132 SrvHsfV92 - ok
16:39:11.0180 14132 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:39:11.0190 14132 SrvHsfWinac - ok
16:39:11.0266 14132 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:39:11.0270 14132 srvnet - ok
16:39:11.0322 14132 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:39:11.0325 14132 stexstor - ok
16:39:11.0379 14132 STHDA (74387b34b43f94e380608888c56a5ccd) C:\Windows\system32\DRIVERS\stwrt64.sys
16:39:11.0387 14132 STHDA - ok
16:39:11.0483 14132 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:39:11.0489 14132 swenum - ok
16:39:11.0576 14132 SynTP (772493a8945495f1a287bf6c4ca25b48) C:\Windows\system32\DRIVERS\SynTP.sys
16:39:11.0583 14132 SynTP - ok
16:39:11.0680 14132 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
16:39:11.0701 14132 Tcpip - ok
16:39:11.0776 14132 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
16:39:11.0788 14132 TCPIP6 - ok
16:39:11.0816 14132 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:39:11.0819 14132 tcpipreg - ok
16:39:11.0848 14132 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:39:11.0850 14132 TDPIPE - ok
16:39:11.0865 14132 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:39:11.0868 14132 TDTCP - ok
16:39:11.0891 14132 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:39:11.0894 14132 tdx - ok
16:39:11.0922 14132 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:39:11.0925 14132 TermDD - ok
16:39:12.0001 14132 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:39:12.0004 14132 tssecsrv - ok
16:39:12.0029 14132 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:39:12.0032 14132 TsUsbFlt - ok
16:39:12.0060 14132 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:39:12.0063 14132 TsUsbGD - ok
16:39:12.0094 14132 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:39:12.0097 14132 tunnel - ok
16:39:12.0113 14132 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:39:12.0115 14132 uagp35 - ok
16:39:12.0135 14132 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:39:12.0140 14132 udfs - ok
16:39:12.0195 14132 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:39:12.0198 14132 uliagpkx - ok
16:39:12.0237 14132 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:39:12.0239 14132 umbus - ok
16:39:12.0274 14132 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:39:12.0276 14132 UmPass - ok
16:39:12.0380 14132 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:39:12.0383 14132 USBAAPL64 - ok
16:39:12.0413 14132 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
16:39:12.0417 14132 usbaudio - ok
16:39:12.0458 14132 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:39:12.0461 14132 usbccgp - ok
16:39:12.0508 14132 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:39:12.0511 14132 usbcir - ok
16:39:12.0562 14132 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:39:12.0565 14132 usbehci - ok
16:39:12.0593 14132 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:39:12.0599 14132 usbhub - ok
16:39:12.0614 14132 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:39:12.0617 14132 usbohci - ok
16:39:12.0643 14132 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
16:39:12.0646 14132 usbprint - ok
16:39:12.0680 14132 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:39:12.0684 14132 USBSTOR - ok
16:39:12.0693 14132 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:39:12.0696 14132 usbuhci - ok
16:39:12.0759 14132 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
16:39:12.0763 14132 usbvideo - ok
16:39:12.0823 14132 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
16:39:12.0826 14132 VClone - ok
16:39:12.0856 14132 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:39:12.0859 14132 vdrvroot - ok
16:39:12.0897 14132 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:39:12.0900 14132 vga - ok
16:39:12.0955 14132 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:39:12.0958 14132 VgaSave - ok
16:39:12.0997 14132 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:39:13.0001 14132 vhdmp - ok
16:39:13.0024 14132 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:39:13.0027 14132 viaide - ok
16:39:13.0056 14132 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:39:13.0059 14132 volmgr - ok
16:39:13.0100 14132 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:39:13.0106 14132 volmgrx - ok
16:39:13.0151 14132 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:39:13.0157 14132 volsnap - ok
16:39:13.0224 14132 vpnva (13e6d95e7ac67abb7a1196557ef8849f) C:\Windows\system32\DRIVERS\vpnva64.sys
16:39:13.0227 14132 vpnva - ok
16:39:13.0270 14132 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:39:13.0274 14132 vsmraid - ok
16:39:13.0296 14132 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:39:13.0300 14132 vwifibus - ok
16:39:13.0353 14132 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:39:13.0356 14132 vwififlt - ok
16:39:13.0404 14132 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:39:13.0412 14132 vwifimp - ok
16:39:13.0469 14132 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:39:13.0472 14132 WacomPen - ok
16:39:13.0508 14132 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:39:13.0512 14132 WANARP - ok
16:39:13.0515 14132 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:39:13.0517 14132 Wanarpv6 - ok
16:39:13.0572 14132 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:39:13.0575 14132 Wd - ok
16:39:13.0606 14132 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:39:13.0616 14132 Wdf01000 - ok
16:39:13.0663 14132 wdkmd (5e1640435dd54d00451156ca5340b109) C:\Windows\system32\DRIVERS\WDKMD.sys
16:39:13.0666 14132 wdkmd - ok
16:39:13.0728 14132 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:39:13.0731 14132 WfpLwf - ok
16:39:13.0745 14132 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:39:13.0748 14132 WIMMount - ok
16:39:13.0834 14132 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
16:39:13.0837 14132 WinUsb - ok
16:39:13.0896 14132 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:39:13.0899 14132 WmiAcpi - ok
16:39:13.0931 14132 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:39:13.0934 14132 ws2ifsl - ok
16:39:13.0962 14132 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:39:13.0965 14132 WudfPf - ok
16:39:14.0012 14132 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:39:14.0016 14132 WUDFRd - ok
16:39:14.0060 14132 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:39:14.0735 14132 \Device\Harddisk0\DR0 - ok
16:39:14.0743 14132 Boot (0x1200) (f835120e2e52079a085c54afa7e2d1a4) \Device\Harddisk0\DR0\Partition0
16:39:14.0744 14132 \Device\Harddisk0\DR0\Partition0 - ok
16:39:14.0751 14132 Boot (0x1200) (e16b8e811be6420a8b75d54cc8554c21) \Device\Harddisk0\DR0\Partition1
16:39:14.0752 14132 \Device\Harddisk0\DR0\Partition1 - ok
16:39:14.0780 14132 Boot (0x1200) (5e820baf99e4cea4e76b7ca28745f264) \Device\Harddisk0\DR0\Partition2
16:39:14.0780 14132 \Device\Harddisk0\DR0\Partition2 - ok
16:39:14.0790 14132 Boot (0x1200) (74991cb07c40897438f35fd54656a0e5) \Device\Harddisk0\DR0\Partition3
16:39:14.0791 14132 \Device\Harddisk0\DR0\Partition3 - ok
16:39:14.0791 14132 ============================================================
16:39:14.0791 14132 Scan finished
16:39:14.0791 14132 ============================================================
16:39:14.0797 8888 Detected object count: 0
16:39:14.0797 8888 Actual detected object count: 0
16:39:25.0770 17780 Deinitialize success

No GMER log because I have 64bit

aswMBR log:
aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-03 08:35:19
-----------------------------
08:35:19.976 OS Version: Windows x64 6.1.7601 Service Pack 1
08:35:19.976 Number of processors: 8 586 0x2A07
08:35:19.979 ComputerName: JOHNY-LAPTOP UserName: Johny
08:35:22.162 Initialize success
08:35:22.221 AVAST engine defs: 12030300
08:35:25.501 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:35:25.506 Disk 0 Vendor: TOSHIBA_ MH00 Size: 610480MB BusType: 3
08:35:25.573 Disk 0 MBR read successfully
08:35:25.575 Disk 0 MBR scan
08:35:25.578 Disk 0 Windows 7 default MBR code
08:35:25.597 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
08:35:25.630 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 595369 MB offset 409600
08:35:25.667 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14807 MB offset 1219725312
08:35:25.686 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 1250050048
08:35:25.737 Disk 0 scanning C:\Windows\system32\drivers
08:35:34.209 Service scanning
08:35:50.511 Modules scanning
08:35:50.525 Disk 0 trace - called modules:
08:35:50.598 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
08:35:50.609 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008362790]
08:35:50.618 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8008268a50]
08:35:50.624 5 hpdskflt.sys[fffff88001b8a189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8008140050]
08:35:52.555 AVAST engine scan C:\
16:32:39.351 Scan finished successfully
16:38:17.172 Disk 0 MBR has been saved successfully to "C:\Users\Johny\Desktop\MBR.dat"
16:38:17.178 The log file has been saved successfully to "C:\Users\Johny\Desktop\aswMBR.txt"

#4 narenxp

Posted 04 March 2012 - 01:47 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 antaran

Posted 04 March 2012 - 02:24 PM

ESET did not find anything

minitoolbox results:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Johny (administrator) on 04-03-2012 at 13:13:34
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost127.0.0.1 localhost

There are 15046 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = Local Area Connection 2 (Hardware not present)
Intel® WiFi Link 1000 BGN = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=enabled advertise=enabled metric=1 nud=enabled
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Johny-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 8C-A9-82-91-BE-D9
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 8C-A9-82-91-BE-D9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 8C-A9-82-91-BE-D8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 2C-27-D7-AA-A1-0F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4dae:83c0:5bc2:ca73%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.129(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, March 03, 2012 4:53:49 PM
Lease Expires . . . . . . . . . . : Monday, March 05, 2012 11:25:14 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 237774807
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-7C-90-32-2C-27-D7-AA-A1-0F
DNS Servers . . . . . . . . . . . : 192.168.7.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{606B7AC6-4FF0-4C47-988E-AEFD35A0E072}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{ADED8BC2-D3D1-4737-AD5C-1BAD04BFEBD8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4F73BD80-5313-4F0A-A106-6A36D489C744}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:b2:1c13:3f57:fe7e(Preferred)
Link-local IPv6 Address . . . . . : fe80::b2:1c13:3f57:fe7e%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{C942FF13-5EAF-4F6C-9C4F-D2658BA3926D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.7.254

Name: google.com
Addresses: 74.125.225.130
74.125.225.131
74.125.225.132
74.125.225.133
74.125.225.134
74.125.225.135
74.125.225.136
74.125.225.137
74.125.225.142
74.125.225.128
74.125.225.129


Pinging google.com [74.125.225.39] with 32 bytes of data:
Reply from 74.125.225.39: bytes=32 time=33ms TTL=50
Reply from 74.125.225.39: bytes=32 time=33ms TTL=50

Ping statistics for 74.125.225.39:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 33ms, Maximum = 33ms, Average = 33ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.7.254

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
98.139.127.62


Pinging yahoo.com [98.139.127.62] with 32 bytes of data:
Reply from 98.139.127.62: bytes=32 time=171ms TTL=47
Request timed out.

Ping statistics for 98.139.127.62:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 171ms, Maximum = 171ms, Average = 171ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.7.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...8c a9 82 91 be d9 ......Microsoft Virtual WiFi Miniport Adapter #2
13...8c a9 82 91 be d9 ......Microsoft Virtual WiFi Miniport Adapter
12...8c a9 82 91 be d8 ......Intel® WiFi Link 1000 BGN
11...2c 27 d7 aa a1 0f ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.129 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.129 276
192.168.1.129 255.255.255.255 On-link 192.168.1.129 276
192.168.1.255 255.255.255.255 On-link 192.168.1.129 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.129 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.129 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:4137:9e76:b2:1c13:3f57:fe7e/128
On-link
11 276 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::b2:1c13:3f57:fe7e/128
On-link
11 276 fe80::4dae:83c0:5bc2:ca73/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/04/2012 11:27:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/04/2012 11:26:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/04/2012 11:26:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/04/2012 11:25:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/04/2012 09:45:05 AM) (Source: Google Update) (User: Johny)Johny
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (03/04/2012 06:45:05 AM) (Source: Google Update) (User: Johny)Johny
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (03/04/2012 03:45:07 AM) (Source: Google Update) (User: Johny)Johny
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (03/03/2012 04:57:00 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.

Error: (03/03/2012 04:54:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/03/2012 04:52:36 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC


System errors:
=============
Error: (03/03/2012 04:54:41 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vpnagent service.

Error: (02/23/2012 03:21:35 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.

Error: (02/23/2012 03:21:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.

Error: (02/23/2012 03:20:35 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.

Error: (02/23/2012 03:20:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.

Error: (02/23/2012 03:13:55 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vpnagent service.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.2)
Adobe AIR (Version: 2.7.1.19610)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Design Premium (Version: 5.5)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 10 ActiveX (Version: 10.2.153.1)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.62)
Adobe Reader X (10.0.1) (Version: 10.0.1)
Adobe Reader X (10.1.2) MUI (Version: 10.1.2)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
AIM 7
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Aspell English Dictionary-0.50-2
ATI Catalyst Install Manager (Version: 3.0.816.0)
ATW (Version: 10.0.0)
Aurora 12.0a2 (x86 en-US) (Version: 12.0a2)
AuthenTec TrueAPI (Version: 1.2.1.33)
avast! Free Antivirus (Version: 6.0.1367.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bejeweled 3 (Version: 2.2.0.95)
Bing Bar (Version: 7.0.610.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.2.6699)
Bonjour (Version: 3.0.0.10)
Bonjour Print Services (Version: 2.0.2.0)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0315.958.16016)
Catalyst Control Center Graphics Previews Common (Version: 2011.0315.958.16016)
Catalyst Control Center InstallProxy (Version: 2011.0315.958.16016)
Catalyst Control Center Localization All (Version: 2011.0315.958.16016)
Catalyst Control Center Profiles Mobile (Version: 2011.0315.958.16016)
ccc-utility64 (Version: 2011.0315.958.16016)
CCC Help Chinese Standard (Version: 2011.0315.0957.16016)
CCC Help Chinese Traditional (Version: 2011.0315.0957.16016)
CCC Help Czech (Version: 2011.0315.0957.16016)
CCC Help Danish (Version: 2011.0315.0957.16016)
CCC Help Dutch (Version: 2011.0315.0957.16016)
CCC Help English (Version: 2011.0315.0957.16016)
CCC Help Finnish (Version: 2011.0315.0957.16016)
CCC Help French (Version: 2011.0315.0957.16016)
CCC Help German (Version: 2011.0315.0957.16016)
CCC Help Greek (Version: 2011.0315.0957.16016)
CCC Help Hungarian (Version: 2011.0315.0957.16016)
CCC Help Italian (Version: 2011.0315.0957.16016)
CCC Help Japanese (Version: 2011.0315.0957.16016)
CCC Help Korean (Version: 2011.0315.0957.16016)
CCC Help Norwegian (Version: 2011.0315.0957.16016)
CCC Help Polish (Version: 2011.0315.0957.16016)
CCC Help Portuguese (Version: 2011.0315.0957.16016)
CCC Help Russian (Version: 2011.0315.0957.16016)
CCC Help Spanish (Version: 2011.0315.0957.16016)
CCC Help Swedish (Version: 2011.0315.0957.16016)
CCC Help Thai (Version: 2011.0315.0957.16016)
CCC Help Turkish (Version: 2011.0315.0957.16016)
CCleaner (Version: 3.14)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco AnyConnect VPN Client (Version: 2.5.3054)
Cisco Connect (Version: 1.3.11069.2)
Core Temp version 0.99.7 (Version: 0.99.7)
crimson editor
Crimson Editor SVN286 (Version: SVN286)
CutePDF Writer 2.8
CyberLink PowerDVD 10 (Version: 10.0.3.2714)
CyberLink YouCam (Version: 3.5.1.3922)
D3DX10 (Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Dropbox (Version: 1.2.52)
Energy Star Digital Logo (Version: 1.0.1)
eReg (Version: 1.20.138.34)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Evernote v. 4.5.1 (Version: 4.5.1.5432)
Facebook Video Calling 1.1.1.1 (Version: 1.1.1)
Farm Frenzy (Version: 2.2.0.95)
FATE - The Traitor Soul (Version: 2.2.0.95)
Focus Magic 3.02
Git version 1.7.8-preview20111206 (Version: 1.7.8-preview20111206)
GNU Aspell 0.50-3
Google Chrome (Version: 17.0.963.56)
Google Gmail Notifier
Google Talk (remove only)
Google Talk Plugin (Version: 2.6.1.5251)
Hewlett-Packard ACLM.NET v1.1.1.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.5.1)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Connection Manager (Version: 4.0.45.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.0.0)
HP Games (Version: 1.0.2.4)
HP MovieStore (Version: 1.0.047)
HP MovieStore (Version: 2.0)
HP On Screen Display (Version: 1.1.2)
HP Power Manager (Version: 1.2.3)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.6.4530.3651)
HP Setup Manager (Version: 1.1.13231.3673)
HP SimplePass 2011 (Version: 5.1.0.495)
HP Software Framework (Version: 4.0.110.1)
HP Support Assistant (Version: 6.0.5.4)
IDT Audio (Version: 1.0.6329.0)
Intel PROSet Wireless
Intel® Display Audio Driver (Version: 6.14.00.3074)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® PROSet/Wireless WiFi Software (Version: 14.0.2000)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.30.0)
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 20 (Version: 6.0.200)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ SE Development Kit 6 Update 26 (Version: 1.6.0.260)
JMP 9 (Version: 9.0)
JMP Profiler Core (Version: 1.0.0)
JMP Profiler GUI (Version: 1.0.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Logitech Audio Echo Cancellation Component (64-bit) (Version: 1.00.0000)
Logitech SetPoint 6.32 (Version: 6.32.20)
Magic Desktop (Version: 3.0)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Compatibility Toolkit 5.6 (Version: 5.6.7324.0)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MiKTeX 2.9 (Version: 2.9)
Mozilla Firefox 8.0.1 (x86 en-US) (Version: 8.0.1)
Mozilla Maintenance Service (Version: 12.0a2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Notepad++ (Version: 5.9.2)
PDF Settings CS5 (Version: 10.0)
Penguins! (Version: 2.2.0.95)
PHP 5.3.6 (Version: 5.3.6)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Pokemon Online 1.0.30 Patch 1
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
PuTTY version 0.60 (Version: 0.60)
PX Profile Update (Version: 1.00.1.)
Python 2.7 matplotlib-1.1.0
Python 2.7 numpy-1.5.1
Python 2.7 scipy-0.9.0rc5
Python 2.7.2 (Version: 2.7.2150)
QuickTime (Version: 7.71.80.42)
RDM+ 4.11
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek PCIE Card Reader (Version: 6.1.7600.74)
Recovery Manager (Version: 2.0.0)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
RoxioNow Player (Version: 1.9.5.103)
Skype™ 5.7 (Version: 5.7.123)
Slingo Supreme (Version: 2.2.0.95)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.2.567.g655da453)
SpywareBlaster 4.6 (Version: 4.6.0)
SpywareGuard v2.2 (Version: 2.2)
StarCraft II (Version: 1.4.2.20141)
Steam (Version: 1.0.0.0)
Synaptics TouchPad Driver (Version: 15.3.27.1)
TeXnicCenter Version 1.0 Stable RC1 (Version: Version 1.0 Stable RC1)
TortoiseGit 1.7.6.0 (64 bit) (Version: 1.7.6.0)
TreeSize Free V2.5 (Version: 2.5)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Validity WBF DDK (Version: 4.3.118.0)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
VirtualCloneDrive
VLC media player 1.1.10 (Version: 1.1.10)
WebEx
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinSCP 4.3.6 (Version: 4.3.6)
XAMPP 1.7.4
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 8139.86 MB
Available physical RAM: 4747.83 MB
Total Pagefile: 16277.91 MB
Available Pagefile: 13036.95 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.39 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:581.42 GB) (Free:467.89 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.46 GB) (Free:1.61 GB) NTFS

========================= Users: ========================================

User accounts for \\JOHNY-LAPTOP

Administrator Guest Johny


**** End of log ****

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:10:34 AM

Posted 05 March 2012 - 03:30 AM

Download

http://go.microsoft.com/?linkid=9668866

Run the fixit

I still need your MALWAREBYTES log

#7 antaran

antaran
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  • Local time:09:34 AM

Posted 05 March 2012 - 12:34 PM

Sorry about that. I ran the fixit tool.

Here is the Malwarebytes log:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.03.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Johny :: JOHNY-LAPTOP [administrator]

3/4/2012 3:20:20 AM
mbam-log-2012-03-04 (03-20-20).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 631950
Time elapsed: 1 hour(s), 36 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:10:34 AM

Posted 06 March 2012 - 01:54 AM

Do you still face redirects?

#9 antaran

antaran
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  • Local time:09:34 AM

Posted 06 March 2012 - 08:47 AM

Yea, it happened again after I ran the Microsoft fixit tool. It seems to happen very randomly, once every few hours, and seems to only happen when I use Chrome, not Firefox (although I have NoScript on Firefox).

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:10:34 AM

Posted 08 March 2012 - 05:42 AM

Bit weird. We need to take a deeper look.

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#11 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  • Gender:Male
  • Local time:01:34 AM

Posted 12 March 2012 - 05:40 PM

Malware topic here: http://www.bleepingcomputer.com/forums/topic445976.html

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies, as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member looking for a new log to work may assume another MR Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



